# Configuration

## Environment variables

Environment variables have priority over configfile settings.

Example variable settings:

```
SITE_ROOT=../mysite.ru
CONFIG_FILE=../mysite.ru/config.toml
DISABLE_TLS=1
BIND_ADDR=0.0.0.0:3030
OAUTH2_CILENT_ID=ffffffffffffffffffffffffffffffff
OAUTH2_CILENT_SECRET=ffffffffffffffffffffffffffffffff
OAUTH2_URL=https://oauth.yandex.ru/authorize
OAUTH2_TOKEN_URL=https://oauth.yandex.ru/token
OAUTH2_REDIRECT_URL=https://mysite.ru/token
OAUTH2_SCOPES=login:email,login:default_phone
OAUTH2_INTRO_URL=https://login.yandex.ru/info
OAUTH2_INTRO_API=yandex
```

Variables:

| Var                    | Description                                                                   | Allowed values |
|------------------------|-------------------------------------------------------------------------------|----------------|
| `SITE_ROOT`            | Path to the site root folder of the site hierarchy                            |                |
| `CONFIG_FILE`          | Path to the site configuration file                                           |                |
| `DISABLE_TLS`          | Use HTTP rather than HTTPS (regardless of configfile settings)                | any            |
| `BIND_ADDR`            | TCP addr/port to bind to                                                      | `ip`:`port`    |
| `OAUTH2_CILENT_ID`     | our oauth2 client id (generated by the oauth2 provider upon registration)     |                |
| `OAUTH2_CILENT_SECRET` | our oauth2 client secret (generated by the oauth2 provider upon registration) |                |
| `OAUTH2_URL`           | the oauth2 provider's url where the authorization process starts              |                | 
| `OAUTH2_TOKEN_URL`     | the oauth2 provider's url where we exhange code for token                     |                |
| `OAUTH2_REDIRECT_URL`  | our url where the oauth2 provider returns control to                    | site root + `/token` |
| `OAUTH2_SCOPES`        | oauth2 scopes we request, email and phone are mandatory    | `login:email,login:default_phone` |
| `OAUTH2_INTRO_URL`     | the oauth2 provider's token introspection url                                 |                |
| `OAUTH2_INTRO_API`     | the oauth2 provider's token introspection protocol                    | `standard` or `yandex` |
| `TLS_CERT`             | path to file with TLS certificate (only required if `DISABLE_TLS`=0)          |                |
| `TLS_KEY`              | path to file with TLS certificate key (only required if `DISABLE_TLS`=0)      |                |
| `COOKIE_DOMAIN`        | domain to set cookies in                                                      |                |

# Site configuration file

TODO